From owner-p4-projects@FreeBSD.ORG  Sun Oct  6 16:54:05 2013
Return-Path: <owner-p4-projects@FreeBSD.ORG>
Delivered-To: p4-projects@freebsd.org
Received: by hub.freebsd.org (Postfix, from userid 32767)
 id F3F0A6F2; Sun,  6 Oct 2013 16:54:04 +0000 (UTC)
Delivered-To: perforce@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org
 [IPv6:2001:1900:2254:206a::19:1])
 (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits))
 (No client certificate requested)
 by hub.freebsd.org (Postfix) with ESMTP id 9DF8B6F0
 for <perforce@freebsd.org>; Sun,  6 Oct 2013 16:54:04 +0000 (UTC)
 (envelope-from bb+lists.freebsd.perforce@cyrus.watson.org)
Received: from skunkworks.freebsd.org (skunkworks.freebsd.org [8.8.178.74])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (No client certificate requested)
 by mx1.freebsd.org (Postfix) with ESMTPS id 7CA792401
 for <perforce@freebsd.org>; Sun,  6 Oct 2013 16:54:04 +0000 (UTC)
Received: from skunkworks.freebsd.org ([127.0.1.74])
 by skunkworks.freebsd.org (8.14.7/8.14.7) with ESMTP id r96Gs45s007448
 for <perforce@freebsd.org>; Sun, 6 Oct 2013 16:54:04 GMT
 (envelope-from bb+lists.freebsd.perforce@cyrus.watson.org)
Received: (from perforce@localhost)
 by skunkworks.freebsd.org (8.14.7/8.14.6/Submit) id r96Gs4xR007445
 for perforce@freebsd.org; Sun, 6 Oct 2013 16:54:04 GMT
 (envelope-from bb+lists.freebsd.perforce@cyrus.watson.org)
Date: Sun, 6 Oct 2013 16:54:04 GMT
Message-Id: <201310061654.r96Gs4xR007445@skunkworks.freebsd.org>
X-Authentication-Warning: skunkworks.freebsd.org: perforce set sender to
 bb+lists.freebsd.perforce@cyrus.watson.org using -f
From: Robert Watson <rwatson@FreeBSD.org>
Subject: PERFORCE change 983497 for review
To: Perforce Change Reviews <perforce@FreeBSD.org>
Precedence: bulk
X-BeenThere: p4-projects@freebsd.org
X-Mailman-Version: 2.1.14
List-Id: p4 projects tree changes <p4-projects.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/options/p4-projects>,
 <mailto:p4-projects-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/p4-projects>
List-Post: <mailto:p4-projects@freebsd.org>
List-Help: <mailto:p4-projects-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/p4-projects>,
 <mailto:p4-projects-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sun, 06 Oct 2013 16:54:05 -0000

http://p4web.freebsd.org/@@983497?ac=10

Change 983497 by rwatson@rwatson_zenith_cl_cam_ac_uk on 2013/10/06 16:53:28

	As the trusted stack has three 64-bit fields free after the PC due
	to alignment requirements, use one of those fields to hold a copy
	of $sp, which is restored on CReturn.  In a stronger capability
	world, we might want to also save a stack capability.  The stack
	pointer is useful in pointing to the per-thread preserved state of
	the code invoking CCall, allowing it to be properly restored after
	CReturn.
	
	While here: be more clear about "stack pointer" vs "trusted stack
	pointer"; also remove a bit of unneeded padding in the CHERI stack
	structure, causing it to shrink 32 bytes.

Affected files ...

.. //depot/projects/ctsrd/cheribsd/src/sys/mips/cheri/ccall.S#10 edit
.. //depot/projects/ctsrd/cheribsd/src/sys/mips/cheri/cheri_stack.c#3 edit
.. //depot/projects/ctsrd/cheribsd/src/sys/mips/include/cheri.h#27 edit
.. //depot/projects/ctsrd/cheribsd/src/sys/mips/mips/genassym.c#8 edit

Differences ...

==== //depot/projects/ctsrd/cheribsd/src/sys/mips/cheri/ccall.S#10 (text+ko) ====

@@ -177,19 +177,19 @@
 	PTR_L		k1, PC_CURPCB(k1)
 
 	/* Retrieve current trusted stack pointer. */
-	PTR_L		k0, U_PCB_CHERISTACK_SP(k1)
+	PTR_L		k0, U_PCB_CHERISTACK_TSP(k1)
 
 	/* If at bottom (byte offset 0), then overflow. */
 	beqz		k0, CCall_stack_overflow
 	nop
 
-	/* Decrement stack pointer. */
+	/* Decrement trusted stack pointer. */
 	PTR_SUBIU	k0, k0, CHERI_FRAME_SIZE
 
-	/* Write back stack pointer. */
-	PTR_S		k0, U_PCB_CHERISTACK_SP(k1)
+	/* Write back trusted stack pointer. */
+	PTR_S		k0, U_PCB_CHERISTACK_TSP(k1)
 
-	/* Convert stack-relative offset to global pointer. */
+	/* Convert trusted stack-relative offset to global pointer. */
 	PTR_ADDU	k0, k1, k0			/* Add PCB pointer. */
 	PTR_ADDIU	k0, k0, U_PCB_CHERISTACK_FRAMES	/* Add PCB offset. */
 
@@ -199,6 +199,15 @@
 	/* Push PCC. */
 	csc		CHERI_REG_EPCC, k0, CHERI_STACKFRAME_PCC(CHERI_REG_KDC)
 
+	/*
+	 * Push SP; zero register afterwards since the caller is unable to do
+	 * that before CCall.
+	 *
+	 * XXXRW: Not called for by CHERI spec.
+	 */
+	csd		sp, k0, CHERI_STACKFRAME_SP(CHERI_REG_KDC)
+	move		sp, zero
+
 	/* Push PC + 4; k1 is overwritten, so no longer PCB pointer. */
 	MFC0		k1, MIPS_COP_0_EXC_PC
 	PTR_ADDU	k1, k1, 4
@@ -280,15 +289,15 @@
 	 * The only currently defined check in CReturn is stack underflow;
 	 * perform that check.
 	 */
-	PTR_L		k0, U_PCB_CHERISTACK_SP(k1)
+	PTR_L		k0, U_PCB_CHERISTACK_TSP(k1)
 	sltiu		k0, CHERI_STACK_SIZE
 	beqz		k0, CReturn_stack_underflow
 	nop
 
-	/* Reload stack pointer. */
-	PTR_L		k0, U_PCB_CHERISTACK_SP(k1)
+	/* Reload trusted stack pointer. */
+	PTR_L		k0, U_PCB_CHERISTACK_TSP(k1)
 	
-	/* Convert stack-relative offset to global pointer. */
+	/* Convert trusted stack-relative offset to global pointer. */
 	PTR_ADDU	k0, k1, k0			/* Add PCB pointer. */
 	PTR_ADDIU	k0, k0, U_PCB_CHERISTACK_FRAMES	/* Add PCB offset. */
 
@@ -298,15 +307,22 @@
 	/* Pop PCC. */
 	clc		CHERI_REG_EPCC, k0, CHERI_STACKFRAME_PCC(CHERI_REG_KDC)
 
+	/*
+	 * Pop SP.
+	 *
+	 * XXXRW: Not called for by CHERI spec.
+	 */
+	cld		sp, k0, CHERI_STACKFRAME_SP(CHERI_REG_KDC)
+
 	/* Pop PC + padding; +4 already done; toasts k0; k1 still PCB. */
 	cld		k0, k0, CHERI_STACKFRAME_PC(CHERI_REG_KDC)
 	MTC0		k0, MIPS_COP_0_EXC_PC
 	COP0_SYNC
 
-	/* Update stack pointer. */
-	PTR_L		k0, U_PCB_CHERISTACK_SP(k1)
+	/* Update trusted stack pointer. */
+	PTR_L		k0, U_PCB_CHERISTACK_TSP(k1)
 	PTR_ADDIU	k0, CHERI_FRAME_SIZE
-	PTR_S		k0, U_PCB_CHERISTACK_SP(k1)
+	PTR_S		k0, U_PCB_CHERISTACK_TSP(k1)
 
 	CHERI_EXCEPTION_RETURN(k0)
 	eret

==== //depot/projects/ctsrd/cheribsd/src/sys/mips/cheri/cheri_stack.c#3 (text+ko) ====

@@ -82,7 +82,7 @@
 {
 
 	bzero(&pcb->pcb_cheristack, sizeof(pcb->pcb_cheristack));
-	pcb->pcb_cheristack.cs_sp = CHERI_STACK_SIZE;
+	pcb->pcb_cheristack.cs_tsp = CHERI_STACK_SIZE;
 }
 
 /*

==== //depot/projects/ctsrd/cheribsd/src/sys/mips/include/cheri.h#27 (text+ko) ====

@@ -110,21 +110,20 @@
  * will want to manage the idea of a "trusted stack".
  */
 struct cheri_stack_frame {
-	register_t	csf_pc;
+	register_t	csf_pc;		/* MIPS program counter. */
+	register_t	csf_sp;		/* MIPS stack pointer. */
 	register_t	_csf_pad0;
 	register_t	_csf_pad1;
-	register_t	_csf_pad2;
 	struct chericap	csf_pcc;
 	struct chericap	csf_idc;
 };
 
 #define	CHERI_STACK_DEPTH	2	/* XXXRW: 2 is a nice round number. */
 struct cheri_stack {
-	register_t	cs_sp;		/* Byte offset, not frame index. */
+	register_t	cs_tsp;		/* Byte offset, not frame index. */
 	register_t	_cs_pad0;
 	register_t	_cs_pad1;
 	register_t	_cs_pad2;
-	register_t	_cs_pad3;
 	struct cheri_stack_frame	cs_frames[CHERI_STACK_DEPTH];
 } __aligned(CHERICAP_SIZE);
 

==== //depot/projects/ctsrd/cheribsd/src/sys/mips/mips/genassym.c#8 (text+ko) ====

@@ -109,9 +109,10 @@
 ASSYM(CHERI_FRAME_SIZE, sizeof(struct cheri_stack_frame) * CHERI_STACK_DEPTH);
 ASSYM(CHERI_STACK_SIZE, sizeof(struct cheri_stack_frame));
 ASSYM(U_PCB_CHERIFRAME, offsetof(struct pcb, pcb_cheriframe));
-ASSYM(U_PCB_CHERISTACK_SP, offsetof(struct pcb, pcb_cheristack.cs_sp));
+ASSYM(U_PCB_CHERISTACK_TSP, offsetof(struct pcb, pcb_cheristack.cs_tsp));
 ASSYM(U_PCB_CHERISTACK_FRAMES, offsetof(struct pcb, pcb_cheristack.cs_frames));
 ASSYM(CHERI_STACKFRAME_PC, offsetof(struct cheri_stack_frame, csf_pc));
+ASSYM(CHERI_STACKFRAME_SP, offsetof(struct cheri_stack_frame, csf_sp));
 ASSYM(CHERI_STACKFRAME_PCC, offsetof(struct cheri_stack_frame, csf_pcc));
 ASSYM(CHERI_STACKFRAME_IDC, offsetof(struct cheri_stack_frame, csf_idc));
 #endif